Necessity, mother of Invention, dispatched her other kid—Implementation—to help the energy industry with a major project: transition of the digital oil field from hype to reality.

“I think we’re going to look back at this era and go, ‘Wow, we’re really digitized,’” Alan Hinchman, global market director for infrastructure at GE Intelligent Platforms, told Midstream Business. “I think the digital oil field was a lot of marketing up until this year.”

Driving digital’s rapid ascension is the industry’s meteoric unconventional development, i.e., more holes, more pipes and compressors, more hydrocarbons to monitor, but not more skilled people out in the field to manage it all. Technology’s answer: Equip one worker in a play with a satellite-linked mobile device that delivers alerts about assets that need attention, rather than have that worker endlessly patrol the acreage to manually check on equipment. It could mean not having to deploy a second worker, and in this tight market, finding that second skilled worker to hire and deploy is a challenge.

“They just cannot turn some oil fields on because you can’t find guys who want to live in North Dakota or Midland, Texas,” Hinchman said. “There are just too many holes in the ground, and they’re too far apart. That’s what’s going to drive this. I don’t think revolution is too far of a statement. I think you’re going to see a lot more digitization.”

High cost

The price tag on a supervisory control and data acquisition system (SCADA) ranges into the millions of dollars, depending on its size and complexity. Contrast that with the potential cost—billions of dollars—of scrimping on such a system and then repairing the consequences of catastrophic failure:

  • Pipeline restoration;
  • Lost revenue from lost hydrocarbons;
  • Fines from environmental damage;
  • Court costs and settlements;
  • Legal fees;
  • Stock price hit; and
  • Lost opportunities deriving from diminished confidence from business partners and investors.

To understand the value of what a computer system is designed to manage and protect, consider the industry’s incredible economic impact. Michelle Michot Foss, chief energy economist at the University of Texas-Austin, built a purchasing-power parity model based on oil production in 2011. Global gross domestic product was $71 trillion. Oil and gas production touched $51 trillion of that in some form.

“This is why geopolitics are the way they are, this is why OPEC is the way it is, this is why the Middle East is the way it is,” Foss said at Hart Energy’s recent Energy Capital Conference in Houston.

“This is why we have plutocratic governments all over the place, including here in the United States,” she said. “They are trying to get their fair share of all of this, along with everyone else. The value creation is stupendous. We cannot produce $1 of gross domestic product in the United States or worldwide output without consuming energy to be able to transform other resources and technologies into real work and real product.”

High risk

Something that valuable has a name: target.

“In March 2012, [the U.S. Department of Homeland Security (DHS)] identified a campaign of cyber intrusions targeting natural gas pipeline-sector companies with spear-phishing emails,” Larry Zelvin, director of the National Cybersecurity & Communications Integration Center, testified in a written statement to the U.S. House Committee on Homeland Security.

Zelvin’s agency, a division of DHS, worked with the FBI, the Department of Energy and others to assist the two companies—a U.S. gas pipeline operator and a manufacturer of pipeline materials—but the point he made about vulnerability was clear.

A cybersecurity analyst was quoted by Rice University’s Christopher Bronk as providing this advice when asked for a message to top corporate leaders regarding information technology (IT) security:

  • The Chinese are on your network and you probably know about it;
  • The Russians are on your network and you probably don’t know about it; and
  • Give up.

“An acceptance of cyber vulnerability is required with regard to its computer systems and those upon which it depends to perform its missions,” wrote Bronk, director of energy and cybersecurity at the James A. Baker III Institute for Public Policy, in a paper published earlier this year for the U.S. Army War College’s Strategic Studies Institute.

Keeping the revolution running

The industry’s huge numbers of sophisticated machines are prone to do what all machines do: eventually break down and stop working. Anticipating failure allows for the ability to sidestep it and avoid cash-draining, unplanned downtime.

GE Intelligent Platforms’ system, called Historian, gathers disparate data sources into a single platform and stores them in a database.

“What we can do is apply predictive, self-learning algorithms that can tell us whether a specific device is operating properly, or at least operating in a manner in which our algorithms would expect it to,” Hinchman said. “When it’s outside compliance, or outside what we would expect it to do, we turn it over to one of our subject matter experts, and they can make a decision that says, ‘oh, look, he turned it off.’ Or, ‘oh, no, there’s something going on there and we should take a look at it.’ I spend a lot of time communicating how customers can reduce their unplanned downtime significantly.”

Equipment operating expenses pile up in two significant ways:

  • Breakdowns, which have a tendency to occur at inopportune times; and
  • Preventative maintenance designed to prevent breakdowns, which takes equipment offline even if it is not close to breaking down.

“When I have a highly valued asset which is a compressor, I’m going to shut it down every so many hundred hours or every so many thousand hours, and I’m going to replace out the bearings,” Hinchman said. “Those bearings may not be close to fail at all, but that’s what the manufacturer has said: Every 100,000 hours of operation, I’ll want to replace those parts.”

The other option is simply to run equipment to failure and then replace the broken parts. This is an unacceptable risk in many instances because of the possibility of catastrophic failure like a pipeline rupture.

What’s going on here?

Hinchman’s customers sought a data-driven solution—knowing what is actually happening at a given time with a given device.

“They’ve began a journey around the SCADA system,” he said. “SCADA would tell them, ‘if it’s hotter than this, or colder than that, or this level is higher or lower than this, then get me an alarm.’ And if you go as far as putting in vibration monitoring equipment and temperature sensors and all of these pieces. It will catch a failure right when the water dips to that lowest point, or the lube oil is drained out of it and it will give you an alarm.”

But that only informs the customer when things have gone terribly wrong. It does not necessarily avert a crisis.

“What we asked at General Electric was, ‘What happens in those hours and sometimes days or weeks before the failure?’” Hinchman said. “‘Is there a way of beginning to understand that those things are beginning to change?’”

The result was a product called Proficy SmartSignal that provides multivariant analysis. GE’s data scientists load algorithms related to a particular piece of equipment, such as a compressor, into their program. The program then “learns” the normal functioning of the equipment and becomes able to compare it to how it functions in real time. It alerts users to variances in temperature and can often predict when the machinery is on track to fail.

“And that’s when the magic of what we’re selling really takes place,” Hinchman said. “When you can say, ‘OK, in four weeks, you can change this piece of equipment out.’ Now you can go buy the piece of equipment, arrange a downtime period and make a replacement in a very rapid fashion.”

That kind of system is of value in any heavy equipment industry. Where SmartSignal is of particular use to the midstream is in tracking effects from different products, such as those that move up and down a pipeline.

Firewalls can be breached

Every digital step forward toward increased productivity equates to a step toward increased vulnerability and what Jim Anderson, president of BAE Systems’ Applied Intelligence division for the Americas, considers to be one of the greatest threats of digital criminality: loss of operational control.

“People go to digital oil fields and they look to combine [operations technology] and [information technology] networks, making their OT systems much more open and thereby exposed to some of the same challenges that you hear about daily in the financial world,” Anderson told Midstream Business. “We help work with them to secure those environments, to secure the converging of those networks with technology in the marketplace so they can manage their risk associated with this automation.”

The security of your system may be an issue beyond your control. It may depend on the intent of the person trying to break it.

“I don’t think midstream is less or more vulnerable [than other sectors],” Rice University’s Bronk told Midstream Business. Computer code is, in general, somewhat imperfect but large-scale industrial software does not change often, unlike consumer programs that update regularly.

Bronk calls systems in remote locations “lock and leave computing. The kind of computer where you check it, you lock it in a box and it’s so stable—it’s usually running on some sort of UNIX operating system—it’s incredibly stable and it can run for five years, or a year without needing a reboot or update. Usually these systems are not connected to the Internet.”


General Electric’s Proficy SmartSignal system monitors infrastructure assets and alerts operators when equipment appears to be close to experiencing a malfunction. Source: GE Intelligent Platforms

So hacking into a midstream computing system is probably unlikely, but not impossible.

“Usually there’s some sort of undergraduate or hacker or whoever who can prove me wrong,” Bronk said. “This is an entirely man-made infrastructure, so to say that something is physically impossible in code, that’s a hell of an assertion. Not that things aren’t impossible, but the possible is only limited, in many instances, by the imagination of the person who’s pushing for it.”

In the case of the Shamoon virus, the motivation was geopolitical. An unknown attacker unleashed a self-replicating virus that infected as many as 30,000 personal computers operating on the Saudi Arabian Oil Co.’s network in August 2012, deleting data on hard drives and overwriting the master boot record so as to render the computers unusable. The DHS determined that the Shamoon “wiper” module could disrupt critical systems and cost an organization significant loss of intellectual property.

Shamoon only affected Saudi Aramco’s business systems, not the infrastructure of the energy giant, estimated by energy finance experts at the University of Texas to have a value of as much as $3.6 trillion, or more than five times the combined market capitalization of Royal Dutch Shell Plc and ExxonMobil Corp. But earlier in 2012, a complex piece of malware dubbed Flame was reportedly detected on the computer systems of Iran’s primary oil facility at Kharg Island in the Persian Gulf, an indication that cyber warriors were targeting the lifeblood of that country’s economy.

In other words, any country’s economy could be vulnerable.

“Protecting critical infrastructure against growing and evolving threats requires a layered approach,” Scott McConnell, spokesman for the DHS, told Midstream Business. “The Department of Homeland Security actively collaborates with public and private sector partners every day, which includes the Department of Energy [DOE] and owners and operators of critical infrastructure in the energy sector, to help secure the key systems upon which Americans rely.”

DHS regularly briefs senior officials from the DOE and CEOs of major energy companies about evolving threats—both physical and cyber—to critical infrastructure. Because the vast majority of infrastructure in the U.S. is privately owned, a close collaboration between government and industry is required to reduce risks.

The Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC), a new industry organization, is designed around sharing cyber-threat information among member companies, helping member companies detect threats, learn from threats, protect themselves from threats and improve processes around detection and response.

“We do not foresee a direct role for ONG-ISAC in incident response for member companies other than the value of cyber-threat information that member companies gain from participating in ONG-ISAC,” spokesman Curt Craig told Midstream Business. “We do intend to support rehearsals and exercises as a means to help interested member companies mature their incident response capabilities.”

For better, for worse

The outlook for computing power in the industry is ever more efficient, cost-effective technology to smooth the accessibility to information across the value chain.

Oh, and an increased likelihood of a cyber attack that leads to catastrophic failure.

“What we’re seeing is a strong push to decentralization of computing power,” said GE’s Hinchman. “You’re having smarter devices either on the instruments or PLCs [programmable logic controllers] that have so much more computing power, pull in more information.”

Cost has been a primary driver toward centralization in the past 20 years, Hinchman said, but that kind of approach is no longer adequate in an era when CFOs want to know exactly how much oil and gas is flowing through their pipelines, and they want to know it now.

“They’re doing some sort of cost equations and value equations and inter-pipeline trading, and so the data that comes from these SCADA systems is a lot more than just red and green lights on a pump,” he said. “I think that’s the biggest change that we’re seeing, and that’s what the industry is adapting to. That’s why we see more computing power going into the equipment, the ability of high-speed data acquisition, and then ultimately, trends, and some of those things that have forever been changed.

Bronk, the energy IT scholar, sees it, too.

“Computing since the 1990s has given us enormous productivity gains,” he said. “If you can monitor all the wells in a field via remote, or if you can monitor all of a refining operation with three people instead of 30, think of the savings.”

BAE Systems Applied Intelligence has focused on securing connections between OT and IT networks. It employs hardware-based network segmentation technology as well as its own security experts who assess clients’ needs and vulnerabilities.

“I think some of those threats are simply unknown,” he said. “I think we’re just starting to come to grips with this transition to a much more automated world with systems that used to be air-gapped—totally separate legacy systems in many senses. Now, because of the drive toward productivity and really, the compelling productivity numbers you’re seeing with automating environments through the Internet, people are saying, ‘I have to take that risk. Let me see what happens as a result of it.’”

Bronk is concerned about organized hackers, like the Anonymous Group, and loosely affiliated semi-independent hackers who have started to target the oil and gas industry. They haven’t had much success so far, he said, but that doesn’t mean they won’t get better.

“Cyber is actually a more appealing vector for those kind of folks than actually going and blowing something up,” he said. “They’d rather just shut it down, probably.”

That might be the intent, but not necessarily the outcome once a hacker breaks into a system and starts to wreak havoc: “You could break it in a way that could cause a catastrophic impact,” he said.

“The BP explosion [at the Texas City refinery in March 2005] was a pretty catastrophic event,” Bronk said. “We know that these bad things happen. The question is, how do we contain these things and how do we prevent worse things from happening. How much should we be worried? What is the return on investment? These are all good questions that don’t really have great answers yet.”

Joseph Markman can be reached at jmarkman@hartenergy.com or 713-260-5208.